Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SKNnstmZhcndK5Mn86DZSIG7d2A.roa
File: SKNnstmZhcndK5Mn86DZSIG7d2A.roa (raw, json)
Hash identifier: UXOWtRF+WeI7zbaAU34a7tVRna6UnRNSHsLVRnvxMWY=
Subject key identifier: 48:A3:67:B2:D9:99:85:C9:DD:2B:93:27:F3:A0:D9:48:81:BB:77:60
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185E48AE9372F750EEC898E59B98EB91684
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SKNnstmZhcndK5Mn86DZSIG7d2A.roa
Signing time: Tue 24 Jan 2023 16:09:46 +0000
ROA not before: Tue 24 Jan 2023 16:09:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210041
IP address blocks: 2a0e:b107:272::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e4:8a:e9:37:2f:75:0e:ec:89:8e:59:b9:8e:b9:16:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 24 16:09:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48a367b2d99985c9dd2b9327f3a0d94881bb7760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e6:ac:fa:b1:90:14:06:71:e6:f9:8f:0a:ad:
ac:14:38:3e:ad:6b:86:ce:4e:c9:4f:87:66:41:b2:
75:9c:ea:65:02:98:8e:b2:d6:e2:36:64:95:3e:52:
ef:99:e9:21:59:be:0a:04:42:ce:a6:b5:7a:dc:f5:
b9:56:9b:fd:35:83:b6:aa:7d:93:b0:40:f3:00:b1:
bf:61:d8:01:37:9f:b1:fe:98:f6:2b:47:ca:e2:bb:
07:23:54:50:c6:5e:ad:f6:f4:b3:4e:3a:47:b7:5f:
6d:bf:00:a5:0d:2d:ab:0d:3e:ee:ca:f7:40:b2:11:
2a:57:6d:a2:bd:90:d5:26:78:30:21:d4:ed:df:45:
f6:81:d3:56:fe:d0:59:71:86:3b:6b:c7:16:76:32:
9a:ce:f9:a4:99:70:a0:62:f7:b9:2a:b3:30:c7:73:
2d:a0:38:bc:95:48:77:83:aa:ee:a0:08:d7:8b:60:
da:3a:40:e5:05:74:d5:36:f8:6e:bb:7a:e7:c3:a3:
84:9d:8a:53:d1:ea:e9:02:7c:f2:d4:56:18:f0:9a:
99:ff:a5:a6:c9:14:30:71:f6:0b:cd:b0:4b:22:fd:
fd:16:3c:bb:2e:31:89:bc:40:f7:cf:05:5b:1c:c4:
ef:e7:c6:e2:30:97:0e:a4:1b:ad:d6:9c:1f:ab:51:
1f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:A3:67:B2:D9:99:85:C9:DD:2B:93:27:F3:A0:D9:48:81:BB:77:60
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SKNnstmZhcndK5Mn86DZSIG7d2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:b107:272::/48
Signature Algorithm: sha256WithRSAEncryption
b5:ad:65:15:29:0f:69:09:fe:d4:f5:35:14:7d:b5:f6:0a:98:
a9:27:53:e0:4d:88:71:12:4b:8b:6f:31:96:70:73:f7:8f:ca:
1e:dc:24:cb:70:b9:62:3a:22:b0:97:a0:07:ca:6c:52:e2:54:
5c:f9:05:f8:48:54:90:45:2c:3e:cd:3f:65:47:92:98:95:ac:
47:d0:11:44:1b:bd:19:29:55:87:0d:5f:f1:81:47:5f:2b:18:
1b:8e:ea:f1:e8:4d:77:37:d9:ea:5c:f7:08:35:79:7d:81:3d:
5b:67:e8:aa:0a:2d:b6:d7:74:b4:9e:d2:97:6a:20:5e:e3:5b:
52:b9:8c:54:73:87:7a:5d:ea:11:70:a3:68:f8:5c:05:d9:54:
59:17:de:43:ee:b5:18:cf:27:25:11:60:2e:c5:44:e1:48:93:
a9:02:18:a5:bb:de:5d:f4:c9:11:9b:bf:38:5d:35:9a:d0:53:
d2:ec:4d:5b:d2:13:3b:a9:c7:2d:9d:7f:a8:07:29:a6:fc:20:
3a:2b:01:4e:74:dc:a4:fa:36:dd:9a:10:f1:be:1a:6e:6e:0b:
85:06:8f:70:dd:cf:f2:73:26:b3:87:a7:47:0d:13:81:6f:64:
fb:89:83:af:dc:e0:4f:91:6c:b9:f3:34:0a:b1:63:7b:ef:d4:
15:f1:df:7f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYXkiuk3L3UO7ImOWbmOuRaEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTI0MTYwOTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGEzNjdiMmQ5OTk4NWM5ZGQyYjkzMjdmM2EwZDk0ODgxYmI3NzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuas+rGQFAZx5vmPCq2sFDg+rWuG
zk7JT4dmQbJ1nOplApiOstbiNmSVPlLvmekhWb4KBELOprV63PW5Vpv9NYO2qn2T
sEDzALG/YdgBN5+x/pj2K0fK4rsHI1RQxl6t9vSzTjpHt19tvwClDS2rDT7uyvdA
shEqV22ivZDVJngwIdTt30X2gdNW/tBZcYY7a8cWdjKazvmkmXCgYve5KrMwx3Mt
oDi8lUh3g6ruoAjXi2DaOkDlBXTVNvhuu3rnw6OEnYpT0erpAnzy1FYY8JqZ/6Wm
yRQwcfYLzbBLIv39Fjy7LjGJvED3zwVbHMTv58biMJcOpBut1pwfq1EftwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEijZ7LZmYXJ3SuTJ/Og2UiBu3dgMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU0tObnN0bVpoY25kSzVNbjg2RFpTSUc3ZDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6xBwJy
MA0GCSqGSIb3DQEBCwUAA4IBAQC1rWUVKQ9pCf7U9TUUfbX2CpipJ1PgTYhxEkuL
bzGWcHP3j8oe3CTLcLliOiKwl6AHymxS4lRc+QX4SFSQRSw+zT9lR5KYlaxH0BFE
G70ZKVWHDV/xgUdfKxgbjurx6E13N9nqXPcINXl9gT1bZ+iqCi2213S0ntKXaiBe
41tSuYxUc4d6XeoRcKNo+FwF2VRZF95D7rUYzyclEWAuxUThSJOpAhilu95d9MkR
m784XTWa0FPS7E1b0hM7qcctnX+oBymm/CA6KwFOdNyk+jbdmhDxvhpubguFBo9w
3c/ycyazh6dHDROBb2T7iYOv3OBPkWy58zQKsWN779QV8d9/
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:31 2024 by rpki-client on console-fra.rpki-client.org